Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities
Multiple vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker to leak memory when parsing IKEv2 packets, triggering a denial of...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities
Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker to cause an affected device to stop responding or to reload unexpectedly,...
Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.9.0 release.
Red Hat Developer Hub 1.9.0 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
BELL-CVE-2026-27199 CVE-2026-27199 does not affect BellSoft software
Bulletin has no description...
CVE-2025-66168
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...
Arbitrary Argument Injection
mcp-server-git is vulnerable to Arbitrary Argument Injection. The vulnerability is due to the gitdiff and gitcheckout functions passing user-controlled arguments directly to git CLI commands without sanitization, where flag-like values would be interpreted as command-line options rather than git...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
Canon IJ Scan Utility registers Windows services with unquoted file paths
Overview IJ Scan Utility provided by Canon Inc. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-1585 Canon Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A user may execute arbitrary code with SYSTEM...
Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026)
Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. Impact Remote code execution due to a directory traversal vulnerability...
Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - January 2026 CPU and CVE-2026-1188
Summary: WebSphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in multiple security bulletins. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes...
SUSE CVE-2026-26314
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/crash using a specially crafted message. The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure FTD Software security feature issue vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure FTD Software are products of Cisco, a company based in the United States. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure FTD Software is the core software platform for...
Multiple Cisco products security vulnerability
Cisco IOS XE Software, etc., are products of the American company Cisco. Cisco IOS XE Software is a network operating system. Cisco Secure FTD Software is the core software platform for next-generation firewall systems. Cisco Secure Firewall Threat Defense Software is a firewall operating system...
Cisco Secure Firewall Threat Defense and Cisco IOS XE Software resource management error vulnerability
Cisco Secure Firewall Threat Defense and Cisco IOS XE Software are both products of the American company Cisco. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Cisco IOS XE Software is a network operating system. Both Cisco Secure Firewall Threat Defense and Cisco IOS XE...
PT-2026-23104
Name of the Vulnerable Software and Affected Versions: ZITADEL versions 4.0.0 through 4.11.1. Description: ZITADEL, an open source identity management platform, contains a cross-site scripting (XSS) issue in its login V2 interface, specifically within the /saml-post endpoint. This flaw allows for...
PT-2026-23027
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified). Description: A flaw exists in the VPN web services component that may allow a remote attacker t...
Fedora 42 : nextcloud (2026-889607c7a0)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-889607c7a0 advisory. 32.0.6 release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
EUVD-2026-9330
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
EUVD-2026-9326
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contains Reflected XSS vulnerabilities in invoice/order/contract modification modals. The application fails to properly sanitize user-supplied input from the righe GET...
Signed malware impersonating workplace apps deploys RMM backdoors
In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...